Abstract:
Systems, methods and apparatus for enabling access to secure data. A first module is arranged to generate a limited use passcode and make the passcode available to a user. A second module and a third module are arranged to communicate whereby to enable detection of the third module being in proximity to the second module. A fourth module is arranged to receive a passcode via user input. The apparatus is arranged to enable access to secure data in dependence on the fourth module receiving a valid passcode generated by the first module and the third module being in proximity to the second module.
Abstract:
Method and apparatus for transmitting credentials to a transaction processing system, the credentials arranged in sets and a set including a unique identifier and verification data elements. Credentials are activated and are then available for use in at least one subsequent transaction. In the transaction, in response to receiving authorization from a user, the unique identifier and verification data elements from a set are transmitted to the transaction processing system for the user. The credentials are activated using an activation mode selected from at least a first activation mode and a second activation mode. In the first activation mode, additional user input for the verification data elements associated with the unique identifier is received from the user. In the second activation mode, the user is authenticated, and verification data elements are received via a data communications network from a trusted data processing system remote from the user.
Abstract:
Method and apparatus for creating a second unique identifier for a user in a second system based on a first unique identifier for a user in a first system. A first authentication process is initiated based on a first unique identifier associated with the user in the first system. Responsive to the user successfully authenticating during the first authentication process, the second unique identifier for a user in the second system is generated. The second unique identifier is based on user data associated with the first unique identifier in the first system, and the second unique identifier is different from the first unique identifier.
Abstract:
Measures, including methods, apparatus and computer software, are provided for processing electronic tokens. An authorization request is received in relation to processing of an electronic token. An identifier for a user terminal associated with the electronic token, and an account, are determined on the basis of the authorization request. In some arrangements, a location query for the user terminal is performed on the basis of the determined identifier, whereby to determine a location of the user terminal on the basis of a proximity of the user terminal to one or more base stations in a cellular telecommunications network. In some arrangements, a challenge message is sent to the user terminal, to establish a confidence that the transacting user terminal is the designated user terminal. Processing of the electronic token in relation to the account is selectively authorized on the basis of the result of the location query or challenge response.
Abstract:
A program for running on a processor of a portable payment device is adapted for carrying out a payment interaction and permitting ticket storage in a memory of the portable payment device. The program is configured to interact with an access point and includes a set of instructions, a first code portion and a second code portion. The set of instructions, when executed by the processor, causes the portable payment device to perform the steps of: responsive to a first message from said access point, executing the first code portion; and responsive to a second message from the access point, executing the second code portion. The first code portion includes first instructions corresponding to the payment interaction. The second code portion includes instructions corresponding to the payment interaction and second instructions corresponding to the ticket interaction.
Abstract:
Methods and apparatus are provided for configuring a contactless application on a chip within a portable device comprising input/output means arranged to communicate with other devices via a contact connection and via a contactless connection. One such method comprises a first process and a second process. The first process comprises receiving, at the chip and from a first other device, a set of computer instructions, to be executed by the chip, to create a contactless application in a data store of the chip and initialise at least one file associated with the contactless application. The first process further comprises configuring the contactless application in accordance with the set of computer instructions. The second process comprises executing, by the chip of the portable device, the contactless application, whereby to transmit data to a second other device. The first process is conducted via physical contact between the first other device and the portable device and the second process is conducted via contactless communication between the portable device and a contactless reader of the second other device.
Abstract:
Methods, systems, apparatus and computer programs for enabling access to data by a requesting party. A plurality of sets of data are generated. A one-way function is then used to generate a plurality of keys each associated with a respective one of the plurality of sets. Information associated with the data in a given set is used as an input to the one-way function when generating the key for that set. The keys are distributed to requesting parties. Subsequently, a requesting party may make a data access request using the received key. Upon receipt of a key, access may be enabled to the data. The requesting party may then generate validation data from information associated with at least a part of the received data and validate the received data by comparing the validation data to data derived from the received key.
Abstract:
There is discussed a method of authorising an electronic transaction in which a user device receives a shared secret and a shared secret identifier. Subsequently, on receipt of transaction data from a transaction terminal, the user device calculates a one-way hash of data comprising the shared secret to generate a hash value, generates authentication data comprising the hash value and the shared secret identifier, and transmits the authentication data to the transaction terminal.
Abstract:
Systems, methods and computer programs for use in processing payment authorization requests for payment transactions to be conducted via a data communications network. At a trusted intermediary system, data indicative of the user having been authenticated by a first authentication process conducted between the user and a data communication interface associated with a bank data processing system is received via a data communication network. In response to the receipt of the authentication-indicative data, a user account corresponding to one or more transactional accounts held by a user at the bank data processing system is activated. Payment data associated with the one or more transactional accounts is stored in a data store in association with the user account. Following a subsequent authentication of the user by a second authentication process conducted between the user and the trusted intermediary system, the stored payment data is retrieved from the data store for use in processing at least one payment authorization request involving the user.
Abstract:
Methods, apparatus and computer software are provided for authorizing an EMV transaction between a user device and a point of sale terminal, particularly, but not exclusively, in situations where a secure element is not made available for the deployment of a payment application on the user device. The payment application is instead deployed to a processing environment that is outside of any secure element on the user device. The payment application is associated with a certificate and a corresponding hash. The hash is adapted to be generated on the basis of an application expiration date parameter, which is adapted to comprise data indicative of an expiration date of day level granularity associated with the certificate. During processing of the EMV transaction, the point-of-sale terminal verifies the hash, thereby establishing the authenticity of the application expiration date, and hence the validity of the certificate.